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V. AMENDED SUMMARY OF CLAIMED SUBJECT MATTER 

The following summary correlates claim elements to embodiments described in the 
application specification, but does not in any manner limit claim interpretation. Rather, the 
following summary is provided only to facilitate the Board's understanding of the subject matter 
of this appeal. 

According to aspects of the present invention, web-services users 202 control access to 
their user-specific information stored with a web-services service by access control settings. 
(Application, page 11, lines 1-15). The web-services client determines dynamically whether to 
grant or deny an access request that does not comply with default access control settings. 
Advantageously, the present invention rests the burden of managing intentions with each web- 
services client. Stated differently, the present invention places no additional burdens on the 
authorization and authentication mechanisms used by the web-services provider. See 
Application, pages 16-22, 41 (lines 8-20) and FIG. 2. 

In this regard, claim 29 is directed to a system for controlling access to user-specific 
information in a network computing environment. As described in the application and illustrated 
in FIG. 2, aspects of the invention include a web-services service provider 204, a user 202 of a 
service (#1 to #n) of the web-services provider 204, a client 220 of the web-services provider 
204, an access control engine 232 and a consent engine 236. (Application, FIG. 2). The web- 
services provider 204 maintains a data store of user-specific information associated with the user 
202. (Application, page 17, lines 7-9). The user- specific information is accessible by the user 
202. Accessed by the client 220 is controlled by the user 202. (Application, page 19, lines 25- 
30). A set of default access preferences 234 define a list of default access permissions 210, 216 
that are allowed by the user 202. (Application, page 21, lines 1-8). 

The client 220 generates a request to access to certain of the user-specific information 
associated with the user 202. (Application, page 22, lines 2-5). The request identifies an 
intended use by the client 220 of the certain user-specific information in the data store. 
(Application, page 22, lines 5-6). 

The access control engine 232 receives the client request to access the certain user- 
specific information and dynamically creates an access control rule by comparing the set of 
default access preferences with the intended use by the client. (Application, page 22, lines 6-9). 
The access control rule grants the requested access by the client to the certain user-specific 
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information if the intended use of the client of the certain user-specific information is within the 
list of default access permissions defined by the set of default access preferences defined by the 
user 202. (Application, page 22, lines 9-11). 

The consent engine 236 generates an option list in response to the client's request for 
user-specific information when the intended use is outside the list of default access preferences 
defined by the user 202. (Application, page 30, lines 11-16; page 30, line 30 - page 31, line 2). 
The option list contains at least one entry based on the intended use by the client of the user- 
specific information in the data store. (Application, FIG. 3). The consent engine 236 displays on 
the display interface of the network communication device an option menu reflecting the 
generated option list. (Application, page 30, line 30 - page 31, line 2). The option menu 
prompts the user to accept or reject at least one option displayed on the option menu using the 
selection interface of the network communication device. (Application, page 35, lines 1 1-13 ;S ee 
Application, pages M, 35 and FIGS. 5A, 5B). 
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